Debugging and security testing with Firefox OS

This guide is aimed at security testers wanting to start testing Firefox OS; it will help community members audit apps and the Firefox OS platform itself.

Note: If you are not already familiar with Firefox OS security, head over to our Security section to find out all about it. Start by reading the Firefox OS security overview — this article provides a basic background in the terminology and architecture.

Getting started

Linux

Setting up B2G Desktop is as simple as extracting the archive and running the b2g binary:

tar xf b2g-something-something.tar.bz2
cd b2g
./b2g

Mac

Open the downloaded disk image file, and copy the B2G application to your /Applications directory. Once that's done, launch B2G Desktop by clicking the B2G aplication icon. Alternatively you can launch it from Terminal as follows:

/Applications/B2G.app/Contents/MacOS/b2g

Windows

Download and extract the zip file to a convenient location. Double-click on b2g.exe to start B2G Desktop.

Note: At the time of writing, there is an issue running B2G Desktop on Windows. You might want to try the Firefox OS simulator instead.

Getting started tips

You can now play with a Firefox OS instance running in a desktop window. Go and play around: Open the browser (lower right icon) and visit a web page, or try opening a few apps. You will notice that some device-specific functionality — such as the dialer, camera, radio etc — won't work for obvious reasons.

Now on to the real deal. We want to make JavaScript calls from inside Firefox OS.

Getting a debugging shell for Firefox OS

Marionette is based on the Selenium/WebDriver API, and provides the basis for the debugging shell we use to automate Firefox OS testing. First, set up the marionette client (written in Python) and follow the installation instructions given there.

Note: Recent tests have shown that you may have problems with certain versions of mozbase. The last known-working state of mozbase is at commit 9ee2de.

Note: Since you are using a nightly build, your b2g profile (just like in the Firefox browser, all user settings are stored within a profile) should already have Marionette enabled, via the line user_pref("marionette.defaultPrefs.enabled", true); in gaia/profile/prefs.js. If not, you might be using the wrong build.

At this point, you might be thinking of spinning up a Python console, importing the marionette-client library and creating a debugging session, but we can do something else: Stefan Arentz has created a simple JavaScript console that runs on top of the marionette-client library. So, let's download fxos-repl.py.

For our example, we will remotely control the Browser app. Start it by clicking the browser icon in the Firefox OS home screen's lower right with your mouse. Is the B2G binary showing the browser app? Good. The following commend will return a list of URLs representing the different apps we've got running, and allow us to start debugging them: